Computer security strength and risk: a quantitative approach
Publisher: Harvard University, Cambridge, MA, United States
Order Number: AAI3131981
Pages: 147
Abstract

When attacking a software system is only as difficult as it is to obtain a vulnerability to exploit, the security strength of that system is equivalent to the market price of such a vulnerability. In this dissertation I show how security strength can be measured using market means, how these strength measures can be applied to create models that forecast the security risk facing a system, and how the power of markets can also be unleashed to increase security strength throughout the software development process. In short, I provide the building blocks required for a comprehensive, quantitative approach to increasing security strength and reducing security risk. The importance of quantifying security strength and risk continues to grow as individuals, businesses, and governments become increasingly reliant on software systems. The security of software deployed to date has suffered because these systems are developed and released without any meaningful measures of security, causing consumers to be unable to differentiate stronger software products from weaker ones. Even if we knew that we could make systems measurably stronger, the lack of accurate security risk models has blurred our ability to forecast the value to be gained by strengthening these systems. Without the tools introduced in this dissertation, those of us tasked with making security decisions have been forced to rely on expert opinion, anecdotal evidence, and other unproven heuristics.

Cited By

  1. Laube S and Böhme R (2017). Strategic Aspects of Cyber Risk Information Sharing, ACM Computing Surveys, 50:5, (1-36), Online publication date: 30-Sep-2018.
  2. Munaiah N and Meneely A Vulnerability severity scoring and bounties: why the disconnect? Proceedings of the 2nd International Workshop on Software Analytics, (8-14)
  3. Fedler R, Banescu S and Pretschner A ISA²R Proceedings of the 34th International Conference on Computer Safety, Reliability, and Security - Volume 9337, (362-371)
  4. Santos J (2015). An Agent-Based Model of Insurance and Protection Decisions on IT Systems, International Journal of Agent Technologies and Systems, 7:3, (1-17), Online publication date: 1-Jul-2015.
  5. (2014). DAG-based attack and defense modeling, Computer Science Review, 13:C, (1-38), Online publication date: 1-Nov-2014.
  6. Egelman S, Herley C and van Oorschot P Markets for zero-day exploits Proceedings of the 2013 New Security Paradigms Workshop, (41-46)
  7. Ransbotham S, Mitra S and Ramsey J (2012). Are markets for vulnerabilities effective?, MIS Quarterly, 36:1, (43-64), Online publication date: 1-Mar-2012.
  8. Kurmus A, Gupta M, Pletka R, Cachin C and Haas R A comparison of secure multi-tenancy architectures for filesystem storage clouds Proceedings of the 12th ACM/IFIP/USENIX international conference on Middleware, (471-490)
  9. Kurmus A, Gupta M, Pletka R, Cachin C and Haas R A comparison of secure multi-tenancy architectures for filesystem storage clouds Proceedings of the 12th International Middleware Conference, (460-479)
  10. Ma Z (2011). Frailty modelling for risk analysis in network security and survivability, International Journal of Information and Computer Security, 4:3, (276-294), Online publication date: 1-May-2011.
  11. Johnson M, Karat J, Karat C and Grueneberg K Optimizing a policy authoring framework for security and privacy policies Proceedings of the Sixth Symposium on Usable Privacy and Security, (1-9)
  12. Tallau L, Gupta M and Sharman R (2019). Information security investment decisions: evaluating the Balanced Scorecard method, International Journal of Business Information Systems, 5:1, (34-57), Online publication date: 1-Nov-2010.
  13. Shetty N, Schwartz G and Walrand J Can competitive insurers improve network security? Proceedings of the 3rd international conference on Trust and trustworthy computing, (308-322)
  14. Chen Y, Wu D and Wu C A Game Theoretic Approach for Deploying Intrusion Detection Agent Agent Computing and Multi-Agent Systems, (446-451)
  15. Clark K, Singleton E, Tyree S and Hale J Strata-Gem Proceedings of the 4th ACM workshop on Quality of protection, (51-58)
  16. Ketel M IT security risk management Proceedings of the 46th Annual Southeast Regional Conference on XX, (373-376)
  17. Eusgeld I References Dependability metrics, (267-300)
  18. Bistarelli S, Fioravanti F and Peretti P Using CP-nets as a guide for countermeasure selection Proceedings of the 2007 ACM symposium on Applied computing, (300-304)
  19. Buldas A, Laud P, Priisalu J, Saarepera M and Willemson J Rational choice of security measures via multi-parameter attack trees Proceedings of the First international conference on Critical Information Infrastructures Security, (235-248)
  20. Böhme R A comparison of market approaches to software vulnerability disclosure Proceedings of the 2006 international conference on Emerging Trends in Information and Communication Security, (298-311)
  21. Wawrzyniak D Information security risk assessment model for risk management Proceedings of the Third international conference on Trust, Privacy, and Security in Digital Business, (21-30)
  22. Bistarelli S, Dall'Aglio M and Peretti P Strategic games on defense trees Proceedings of the 4th international conference on Formal aspects in security and trust, (1-15)
  23. Anand M, Ives Z and Lee I Quantifying eavesdropping vulnerability in sensor networks Proceedings of the 2nd international workshop on Data management for sensor networks, (3-9)
  24. Baiardi F and Telmon C A theoretical model for the average impact of attacks on billing infrastructures Proceedings of the Third international conference on Mathematical Methods, Models, and Architectures for Computer Network Security, (298-310)
Contributors
  • Carnegie Mellon University
  • Microsoft Research
